From bb2a1b9521884505337337d368a3a847fe49d959 Mon Sep 17 00:00:00 2001 From: Mike Reeves Date: Fri, 28 Jul 2023 09:46:27 -0400 Subject: [PATCH] Fix Desktop ISO install --- setup/so-functions | 31 ++++++++++++++- setup/so-setup | 95 ++++++++++++++++++++++++---------------------- 2 files changed, 78 insertions(+), 48 deletions(-) diff --git a/setup/so-functions b/setup/so-functions index 491b2563a..96716058c 100755 --- a/setup/so-functions +++ b/setup/so-functions @@ -1898,14 +1898,41 @@ securityonion_repo() { logCmd "dnf -v clean all" logCmd "mkdir -vp /root/oldrepos" logCmd "mv -v /etc/yum.repos.d/* /root/oldrepos/" - if [[ ! $waitforstate ]]; then + if [[ $is_desktop_iso ]]; then + if [[ ! is_airgap ]]; then + echo "https://repo.securityonion.net/file/so-repo/prod/2.4/oracle/9" > /etc/yum/mirror.txt + echo "https://so-repo-east.s3.us-east-005.backblazeb2.com/prod/2.4/oracle/9" >> /etc/yum/mirror.txt + echo "[main]" > /etc/yum.repos.d/securityonion.repo + echo "gpgcheck=1" >> /etc/yum.repos.d/securityonion.repo + echo "installonly_limit=3" >> /etc/yum.repos.d/securityonion.repo + echo "clean_requirements_on_remove=True" >> /etc/yum.repos.d/securityonion.repo + echo "best=True" >> /etc/yum.repos.d/securityonion.repo + echo "skip_if_unavailable=False" >> /etc/yum.repos.d/securityonion.repo + echo "cachedir=/opt/so/conf/reposync/cache" >> /etc/yum.repos.d/securityonion.repo + echo "keepcache=0" >> /etc/yum.repos.d/securityonion.repo + echo "[securityonionsync]" >> /etc/yum.repos.d/securityonion.repo + echo "name=Security Onion Repo repo" >> /etc/yum.repos.d/securityonion.repo + echo "mirrorlist=file:///opt/so/conf/reposync/mirror.txt" >> /etc/yum.repos.d/securityonion.repo + echo "enabled=1" >> /etc/yum.repos.d/securityonion.repo + echo "gpgcheck=1" >> /etc/yum.repos.d/securityonion.repo + logCmd "dnf repolist" + else + echo "[securityonion]" > /etc/yum.repos.d/securityonion.repo + echo "name=Security Onion Repo" >> /etc/yum.repos.d/securityonion.repo + echo "baseurl=https://$MSRV/repo" >> /etc/yum.repos.d/securityonion.repo + echo "enabled=1" >> /etc/yum.repos.d/securityonion.repo + echo "gpgcheck=1" >> /etc/yum.repos.d/securityonion.repo + echo "sslverify=0" >> /etc/yum.repos.d/securityonion.repo + logCmd "dnf repolist" + fi + elif [[ ! $waitforstate ]]; then echo "[securityonion]" > /etc/yum.repos.d/securityonion.repo echo "name=Security Onion Repo" >> /etc/yum.repos.d/securityonion.repo echo "baseurl=https://$MSRV/repo" >> /etc/yum.repos.d/securityonion.repo echo "enabled=1" >> /etc/yum.repos.d/securityonion.repo echo "gpgcheck=1" >> /etc/yum.repos.d/securityonion.repo echo "sslverify=0" >> /etc/yum.repos.d/securityonion.repo - else + elif [[ $waitforstate ]]; then echo "[securityonion]" > /etc/yum.repos.d/securityonion.repo echo "name=Security Onion Repo" >> /etc/yum.repos.d/securityonion.repo echo "baseurl=file:///nsm/repo/" >> /etc/yum.repos.d/securityonion.repo diff --git a/setup/so-setup b/setup/so-setup index d752bc113..16db76ef6 100755 --- a/setup/so-setup +++ b/setup/so-setup @@ -117,52 +117,6 @@ if [[ "$setup_type" == 'iso' ]]; then fi fi -# Check to see if this is an desktop install. If it is let's run things differently -if [[ $is_desktop ]]; then - title "This is a desktop install" - - # Make sure it's CentOS or Rocky Linux - if [[ $is_rpm ]]; then - info "Security Onion Desktop is supported on this OS." - else - info "Security Onion Desktop is not supported on this OS." - exit 1 - fi - - if ! whiptail_desktop_install; then - if [[ $is_desktop_iso ]]; then - if whiptail_desktop_nongrid_iso; then - # Remove setup from auto launching - parse_install_username - sed -i '$ d' /home/$INSTALLUSERNAME/.bash_profile >> "$setup_log" 2>&1 - info "Enabling graphical interface and setting it to load at boot" - systemctl set-default graphical.target - startx - exit 0 - else - # Abort! - exit 0 - fi - else - if whiptail_desktop_nongrid_network; then - info "" - info "" - info "Kicking off the automated setup of the Security Onion Desktop. This can take a while depending on your network connection." - info "" - info "" - desktop_salt_local - else - # Abort! - exit 0 - fi - fi - fi - - # If you got this far then you want to join the grid - is_minion=true - -fi - if ! [ -f $install_opt_file ] && [ -d /root/manager_setup/securityonion ] && [[ $(pwd) != /root/manager_setup/securityonion/setup ]]; then exec bash /root/manager_setup/securityonion/setup/so-setup "${original_args[@]}" fi @@ -366,6 +320,55 @@ fi # Process the install type process_installtype +# Check to see if this is an desktop install. If it is let's run things differently +if [[ $is_desktop ]]; then + title "This is a desktop install" + + # Make sure it's oracle + if [[ $is_oracle ]]; then + info "Security Onion Desktop is supported on this OS." + else + info "Security Onion Desktop is not supported on this OS." + exit 1 + fi + +# if ! whiptail_desktop_install; then + if [[ $is_desktop_iso ]]; then + if whiptail_desktop_nongrid_iso; then + # Remove setup from auto launching + parse_install_username + sed -i '$ d' /home/$INSTALLUSERNAME/.bash_profile >> "$setup_log" 2>&1 + securityonion_repo + info "Enabling graphical interface and setting it to load at boot" + systemctl set-default graphical.target + startx + exit 0 + else + # Abort! + exit 0 + fi + else + if whiptail_desktop_nongrid_network; then + info "" + info "" + info "Kicking off the automated setup of the Security Onion Desktop. This can take a while depending on your network connection." + info "" + info "" + desktop_salt_local + else + # Abort! + exit 0 + fi + fi +# fi + + # If you got this far then you want to join the grid + is_minion=true + +fi + + + # If this is not an automated install prompt if ! [[ -f $install_opt_file ]]; then # If you are a manager ask ALL the manager things here. I know there is code re-use but this makes it easier to add new roles